Merge pull request #7 from callidus/more-object-type

Adding handling for SecretData and OpaqueData objects

kmip/core/enums.py

@@ -366,10 +366,11 @@ class SecretDataType(Enum):
     PASSWORD = 0x00000001
     SEED     = 0x00000002
 
-
 # 9.1.3.2.10
 class OpaqueDataType(Enum):
-    pass
+    NONE = 0x80000000 # Not defined by the standard, but we need something.
+                      # The standard does say that values starting 0x8xxxxxx
+                      # are considered extensions
 
 
 # 9.1.3.2.11

kmip/core/factories/secrets.py

@@ -28,8 +28,10 @@ from kmip.core.objects import KeyMaterial
 from kmip.core.objects import KeyWrappingData
 from kmip.core.objects import KeyValue
 
+from kmip.core.secrets import OpaqueObject
 from kmip.core.secrets import PrivateKey
 from kmip.core.secrets import PublicKey
+from kmip.core.secrets import SecretData
 from kmip.core.secrets import SymmetricKey
 from kmip.core.secrets import Template
 
@@ -70,6 +72,51 @@ class SecretFactory(object):
         if value is None:
             return SymmetricKey()
         else:
+            key_block = self._build_key_block(value)
+            return SymmetricKey(key_block)
+
+    def _create_public_key(self):
+        return PublicKey()
+
+    def _create_private_key(self):
+        return PrivateKey()
+
+    def _create_split_key(self, value):
+        raise NotImplementedError()
+
+    def _create_template(self, value):
+        if value is None:
+            return Template()
+        else:
+            if not isinstance(value, list):
+                msg = utils.build_er_error(Template,
+                                           'constructor argument type', list,
+                                           type(value))
+                raise TypeError(msg)
+            else:
+                for val in value:
+                    if not isinstance(val, Attribute):
+                        msg = utils.build_er_error(Template,
+                                                   'constructor argument type',
+                                                   Attribute, type(val))
+                        raise TypeError(msg)
+            return Template(value)
+
+    def _create_secret_data(self, value):
+        if value:
+            kind = SecretData.SecretDataType(value.get("secret_data_type"))
+            key_block = self._build_key_block(value)
+            return SecretData(kind, key_block)
+        return SecretData()
+
+    def _create_opaque_data(self, value):
+        if value:
+            kind = OpaqueObject.OpaqueDataType(value.get("opaque_data_type"))
+            data = OpaqueObject.OpaqueDataValue(value.get("opaque_data_value"))
+            return OpaqueObject(kind, data)
+        return OpaqueObject()
+
+    def _build_key_block(self, value):
             key_type = value.get('key_format_type')
             key_compression_type = value.get('key_compression_type')
             key_value = value.get('key_value')
@@ -102,37 +149,4 @@ class SecretFactory(object):
                                  crypto_algorithm,
                                  crypto_length,
                                  key_wrap_data)
-            return SymmetricKey(key_block)
+            return key_block
-
-    def _create_public_key(self):
-        return PublicKey()
-
-    def _create_private_key(self):
-        return PrivateKey()
-
-    def _create_split_key(self, value):
-        raise NotImplementedError()
-
-    def _create_template(self, value):
-        if value is None:
-            return Template()
-        else:
-            if not isinstance(value, list):
-                msg = utils.build_er_error(Template,
-                                           'constructor argument type', list,
-                                           type(value))
-                raise TypeError(msg)
-            else:
-                for val in value:
-                    if not isinstance(val, Attribute):
-                        msg = utils.build_er_error(Template,
-                                                   'constructor argument type',
-                                                   Attribute, type(val))
-                        raise TypeError(msg)
-            return Template(value)
-
-    def _create_secret_data(self, value):
-        raise NotImplementedError()
-
-    def _create_opaque_data(self, value):
-        raise NotImplementedError()

kmip/demos/get.py

@@ -60,7 +60,7 @@ if __name__ == '__main__':
                            credential)
     uuid = result.uuid.value
 
-    result = client.get(uuid, credential)
+    result = client.get(uuid=uuid, credential=credential)
     client.close()
 
     logger.debug('get() result status: {0}'.format(result.result_status.enum))

kmip/demos/utils.py

@@ -21,6 +21,7 @@ from kmip.core.enums import CryptographicAlgorithm as CryptoAlgorithmEnum
 from kmip.core.enums import CryptographicUsageMask
 from kmip.core.enums import ObjectType
 from kmip.core.enums import Operation
+from kmip.core.enums import SecretDataType
 
 from kmip.core.factories.attributes import AttributeFactory
 
@@ -33,6 +34,7 @@ from kmip.core.objects import KeyValue
 from kmip.core.secrets import PrivateKey
 from kmip.core.secrets import PublicKey
 from kmip.core.secrets import SymmetricKey
+from kmip.core.secrets import SecretData
 
 import optparse
 import sys
@@ -165,7 +167,7 @@ def build_cli_parser(operation):
             default="SYMMETRIC_KEY",
             dest="type",
             help=("Type of the object to register. Supported types include: "
-                  "PRIVATE_KEY, PUBLIC_KEY, SYMMETRIC_KEY"))
+                  "PRIVATE_KEY, PUBLIC_KEY, SYMMETRIC_KEY, SECRET_DATA"))
     elif operation is Operation.QUERY:
         pass
     elif operation is Operation.DISCOVER_VERSIONS:
@@ -177,7 +179,8 @@ def build_cli_parser(operation):
 
 
 def build_cryptographic_usage_mask(logger, object_type):
-    if object_type == ObjectType.SYMMETRIC_KEY:
+    if (object_type == ObjectType.SYMMETRIC_KEY or
+       object_type == ObjectType.SECRET_DATA):
         flags = [CryptographicUsageMask.ENCRYPT,
                  CryptographicUsageMask.DECRYPT]
     elif object_type == ObjectType.PUBLIC_KEY:
@@ -215,13 +218,18 @@ def build_object(logger, object_type, key_format_type):
         return PublicKey(key_block)
     elif object_type == ObjectType.PRIVATE_KEY:
         return PrivateKey(key_block)
+    elif object_type == ObjectType.SECRET_DATA:
+        kind = SecretData.SecretDataType(SecretDataType.PASSWORD)
+        return SecretData(secret_data_type=kind,
+                          key_block=key_block)
     else:
         logger.error("Unrecognized object type, could not build object")
         sys.exit()
 
 
 def build_cryptographic_length(logger, object_type):
-    if object_type == ObjectType.SYMMETRIC_KEY:
+    if (object_type == ObjectType.SYMMETRIC_KEY or
+       object_type == ObjectType.SECRET_DATA):
         return CryptographicLength(128)
     elif object_type == ObjectType.PUBLIC_KEY:
         return CryptographicLength(1024)
@@ -234,7 +242,8 @@ def build_cryptographic_length(logger, object_type):
 
 
 def build_cryptographic_algorithm(logger, object_type):
-    if object_type == ObjectType.SYMMETRIC_KEY:
+    if (object_type == ObjectType.SYMMETRIC_KEY or
+       object_type == ObjectType.SECRET_DATA):
         return CryptographicAlgorithm(CryptoAlgorithmEnum.AES)
     elif object_type == ObjectType.PUBLIC_KEY:
         return CryptographicAlgorithm(CryptoAlgorithmEnum.RSA)
@@ -247,7 +256,8 @@ def build_cryptographic_algorithm(logger, object_type):
 
 
 def build_key_value(logger, object_type):
-    if object_type == ObjectType.SYMMETRIC_KEY:
+    if (object_type == ObjectType.SYMMETRIC_KEY
+       or object_type == ObjectType.SECRET_DATA):
         return (
             b'\x30\x82\x02\x76\x02\x01\x00\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7'
             b'\x0D\x01\x01\x01\x05\x00\x04\x82\x02\x60\x30\x82\x02\x5C\x02\x01'